package com.pioneer.dao;

import com.pioneer.beans.Item;
import com.pioneer.beans.Job;
import com.pioneer.beans.JobItem;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import java.util.StringTokenizer;


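/**
 * Title:        Pioneer Application
 * Description:  JDBC-backed {@code SecurityDAO} that checks credentials and
 *               looks up roles in the {@code [user]} table.
 * Copyright:    Copyright (c) 2001
 * Company:      Pioneer Metals
 *
 * <p>Every caller-supplied value is passed to the database as a bound
 * {@code PreparedStatement} parameter, never concatenated into the SQL text,
 * so a quote character in a username or password is treated as data and
 * cannot change the query.
 *
 * <p>NOTE(review): {@code isAuthenticated} compares the supplied password
 * directly with the {@code password} column. Unless callers hash the value
 * before calling (not visible in this file), the table holds clear-text
 * passwords; the usual remedy is to store a salted, slow password hash
 * (bcrypt/scrypt/Argon2) and verify it in application code.
 *
 * @author Gary Chen
 * @version 1.0
 */

public class JdbcSecurityDAO
	extends JdbcDAO
	implements SecurityDAO {

	/**
	 * Creates the DAO by handing the configuration to the {@code JdbcDAO}
	 * constructor.
	 *
	 * @param properties configuration forwarded unchanged to the superclass
	 * @throws DataAccessException if the superclass constructor fails
	 */
	public JdbcSecurityDAO(Properties properties)
	throws DataAccessException
	{
		super(properties);
	}

	/**
	 * Reports whether a row in {@code [user]} matches both the username and
	 * the password.
	 *
	 * @param username login name to look up
	 * @param password password to compare with the stored column value
	 * @return {@code true} if a matching row exists; {@code false} otherwise,
	 *         including when either argument is {@code null}
	 * @throws DataAccessException if the query fails
	 */
	public boolean isAuthenticated(String username, String password)
	throws DataAccessException {
		// Fail closed: a missing credential must never authenticate, and it
		// must not be turned into the literal text "null" inside the query.
		if (username == null || password == null) {
			return false;
		}
		PreparedStatement stat = null;
		ResultSet rs = null;
		try
		{
			// `connection` is not declared in this file; presumably a
			// java.sql.Connection inherited from JdbcDAO - TODO confirm.
			// Only the username column is selected so the password column is
			// not returned in the result set.
			stat = connection.prepareStatement(
				"select username from [user] where username=? and password=?");
			stat.setString(1, username);
			stat.setString(2, password);
			rs = stat.executeQuery();
			return rs.next();
		}
		catch (SQLException ex)
		{
			// NOTE(review): the driver message may describe the schema; keep
			// it out of responses shown to unauthenticated users.
			throw new DataAccessException(ex.getMessage());
		}
		finally
		{
			closeQuietly(rs, stat);
		}
	}

	/**
	 * Returns the value of the {@code role} column for the given user.
	 *
	 * @param username login name to look up
	 * @return the {@code role} column of the first matching row
	 * @throws DataAccessException if no row matches or the query fails
	 */
	public String getRole(String username)
	throws DataAccessException {
		PreparedStatement stat = null;
		ResultSet rs = null;
		try
		{
			stat = connection.prepareStatement(
				"select role from [user] where username=?");
			stat.setString(1, username);
			rs = stat.executeQuery();
			if (rs.next()) {
				return rs.getString("role");
			}
			throw new DataAccessException("The user "+username+" was not found");
		}
		catch (SQLException ex)
		{
			throw new DataAccessException(ex.getMessage());
		}
		finally
		{
			closeQuietly(rs, stat);
		}
	}

	/**
	 * Closes the result set and the statement independently, so a failure
	 * while closing the first does not leave the second open. Close errors
	 * are reported on {@code System.err} and otherwise ignored, because the
	 * query outcome has already been decided by then.
	 *
	 * @param rs   result set to close, may be {@code null}
	 * @param stat statement to close, may be {@code null}
	 */
	private static void closeQuietly(ResultSet rs, Statement stat) {
		if (rs != null) {
			try
			{
				rs.close();
			}
			catch (SQLException ex)
			{
				System.err.println(ex.getMessage());
			}
		}
		if (stat != null) {
			try
			{
				stat.close();
			}
			catch (SQLException ex)
			{
				System.err.println(ex.getMessage());
			}
		}
	}

}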